Open javanlacerda opened 1 month ago
and when you have time can you describe the PR and why we need that?
thanks!
Sure! I apologize I hadn't do that already. I am working on this issue https://github.com/sigstore/fulcio/issues/1111. My plan is having a generic module that handle ci providers id tokens claims defined in a configuration file, in this case, a yaml file.
I'll put a more detailed description in the PR summary soon.
@cpanato, the motivation is to simplify CI/CD OIDC provider onboarding. Rather than have each OIDC provider have to modify code to add a new provider, they instead should only need to modify a configuration file which will contain the mapping between OIDC claim and x509 extension value.
@cpanato, the motivation is to simplify CI/CD OIDC provider onboarding. Rather than have each OIDC provider have to modify code to add a new provider, they instead should only need to modify a configuration file which will contain the mapping between OIDC claim and x509 extension value.
that is nice! thanks for the clarification
Attention: Patch coverage is 76.00000%
with 24 lines
in your changes missing coverage. Please review.
Project coverage is 49.48%. Comparing base (
cf238ac
) to head (8ab3f2a
). Report is 129 commits behind head on main.
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Once this PR is ready for review and all comments addressed, can you post here?
Once this PR is ready for review and all comments addressed, can you post here?
Hey @haydentherapper, could you take a look?
Contribute towards #1111
Summary
It adds CiProvider as a new OIDCIssuer type. We will migrate all ci providers to use a generic principal by changing their types to this new type.
It should not change any current behavior.
Release Note
Documentation
cc @haydentherapper